Privacy Policy

1. Who Are We?

We are D-VUE Limited trading as Qual-E-Pass, an Irish-registered company with company registration number 560678 and registered office at Copperfield, Clonagh, Tullamore, County Offaly, R35 R8R6, Ireland.

2. What Information Do We Collect from You?

You may give us information by:

  • Corresponding with us by phone, e-mail or otherwise.  We ask you to disclose only as much information as is necessary to provide you with our services or to submit a question/suggestion/comment in relation to our site or our services.
  • Corresponding with us by phone, e-mail or otherwise.  We ask you to disclose only as much information as is necessary to provide you with our services or to submit a question/suggestion/comment in relation to our site or our services.
  • Filling in our contact us form on www.qual-e-pass.com (our site).
  • Applying to work with us. The type of information you may provide your CV, a cover letter, your name, address, e-mail address and phone number. CVs should include information relevant to your employment history and education (degrees obtained, places worked, positions held, relevant awards, and so forth). We ask that you do not disclose sensitive personal information (e.g. gender, height, weight, medical information, religion, philosophical or political beliefs, financial data) in your application.
  • Registering to use our services. The type of information you provide when you register with us is your username, password, company, job title, account details. Any payments made are processed by our third-party supplier and we do not have sight of your payment details.
  • Using our services. The type of information you provide when you use our services is communications sent through our services, details of certificates and credentials managed through our services, notes on certificates or credentials (verifiers and managers only), activity log.
  • Providing us with services. They type of information you provide us when you supply us is name, job title, account details, communications such as emails.

We will also process the following information on Qual-E-Pass holders, which will either be you or persons whose certificates or credentials you are managing through our services. The data we process relating to Qual-E-Pass holders is as follows:

  • Name
  • Job title
  • Photograph
  • Scans of certificates and credentials
  • Number of credential record
  • Company
  • Dates of expiry of certificates or credentials

2.1. Google reCAPTCHA

This site is protected by Google’s reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

3. Our GDPR Compliance

We fully align with the EU General Data Protection Regulations and have a dedicated data protection officer in place to deal with all queries as they arise. You can contact our DPO at this email dpo@qualepass.com. While you have rights to accept or refuse the use of cookies, you should be aware that the service you wish to avail of might not be accessible in full without acceptance of certain cookies. Given the nature of our business, our clients are responsible for ensuring that they have the proper authority to process the personal details of their individual teams as and where required. We have no liability to the third-party groups which our users process information for, and users understand that they are wholly liable for compliance with the general data protection regulations in their own right.

4. Why Do We Collect This Information?

We collect the information in order to provide you with our services, to market our services, to improve our site and services, to recruit staff, to obtain services from third parties.

We will use this information:

  • To liaise with you about services we are providing to you;
  • To administer and improve our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • As part of our efforts to keep our site and services safe and secure;
  • To enable access to our services;
  • To enable the audit by our credential verification customers or regulatory authorities of the certificates and credentials managed through our services;
  • To enable communications through our services between our customers about credentials;
  • To enable us to provide support to our customers; and
  • To generate reports on usage of the website and our services.

The legal bases for the processing of your personal data are:

  1. For personal data of our customers, the processing is necessary for the performance of a contract which you have entered into with us or to take steps at your request prior to entering into a contract; or
  2. For personal data of third parties that we manage on behalf of our customers, the processing is necessary for the purposes of the legitimate interests which your credential manager pursues or your credential verifier pursues of managing certificates and credentials or verifying certificates and credentials of staff working in particular locations that require, under law or contract, certificates or credentials in order to carry out a particular task or to be present at a particular location.

5. Who Might We Share This Information With?

We may share your information with our selected business associates, suppliers and contractors to provide you with our services, for example, our web hosting provider and our IT service providers.

In addition, we may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
  • If we or substantially all of our assets are acquired by a third party, in which case information held by us about our customers will be one of the transferred assets.
If we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect our rights, property, or safety, our customers, or others.

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

We are fully compliant with all aspects of the GDPR, which is the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council. All data derived from data records included in the direct marketing list including inter alia duplicates, copies, and other version of the direct marketing list shall be appropriately marked so the source of the data is identifiable and shall have an expiry date for usage of the data record.

Where data elements of a data record are combined with data sources to form a composite record, the data elements can be identified and removed or changed as required.

We are only responsible for our own data records and not those of any third-party source. This specifically relates to the use of our service by users holding the personal details of others. In those instances, our liability is limited to the user and they are in turn responsible to anyone whose personal details they hold or use.

Unauthorised usage of data includes inter alia disclosure, transfer, resale, reuse, continued usage beyond the end of the active usage license, data capture or copying and modification in part or on whole.

As is required by GDPR, we have a set procedure in place to ensure that we are able to efficiently and quickly report any security incidents and evaluate processes to ensure they are not repeated.

6. How Long Do We Keep Hold of Your Information?

The time periods for which we retain your information depends on the type of information and the purposes for which we use it. We will keep your information for no longer than is required or permitted.

For information that is managed through our services, we will keep that information for as long as that account is held with us. Credential managers may delete profiles from our system at any time.

Your data will be kept in secure data records at all times that we store it. Data records will be aggregated into one or more of data records typically but not always taking the form of a spreadsheet, data table or other structured data file.

Data processing will include any operation or set of operations which is performed on the direct marketing list, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

7. Erasing or Changing Your Personal Data

We will comply with erasing any of your personal data, subject to any exemptions provided for in Article 17(3) of the GDPR.

8. Processing Restriction Potential

Pursuant to Article 21(1) of the GDPR, you have the right to gain a processing restriction of your personal data if you believe that data is inaccurate, for a period of time that allows us to verify the data accuracy, or if you prefer the processing of your data to be restricted to certain actions only.

9. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used and machine-readable format. You also have the right to transmit that data to another controller. You can choose to opt out of communication if you wish but we would like to be able to contact you relating to service changes or updates. At any point, any change of service or update will also be able to be found on the terms and conditions page. If you choose to opt out of communication, we will not be able to contact you with any special offers or promotions that we might have.

10. Do We Transfer Your Information Outside The European Union (EU) Or European Economic Area (EEA)?

No. All information on our services is hosted within the European Union/European Economic Area.

11. What Are Your Rights with Respect to Your Information?

Where you have provided us with your personal data you have a right to be given a copy of your personal data in accordance with section 4 of the Data Protection Acts subject to certain exceptions.  To request a copy of your personal data please contact us.

If we hold incorrect information about you have the right to have the data amended. Please contact your credential manager if you are not a customer of Qual-E-Pass in order to have your information rectified. Credential managers have a direct responsibility to the persons whose information is held and shared by them. As such, we have no warranty to you and your rights under data protection should be solidified with the credential manager who is responsible for sharing your details with us, and potentially other third parties.

You have the following rights:

  • The right to access the information we hold about you.
  • The right to require us to rectify any inaccurate information about you.
  • The right to have us erase any information we hold about you in circumstances such as where it is no longer necessary for us to hold the information for your use of our services or if you have withdrawn your consent to the processing.
  • The right to object to us processing information about you such as processing for profiling or direct marketing.
  • The right to ask us to provide your information to you in a portable format or, where technically feasible, for us to port that information to another provider provided it does not result in a disclosure of information relating to other people.
  • The right to request a restriction of the processing of your information. Where our processing of your information is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.

12. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling in the provision of our services to you.

13. What Will Happen If We Change Our Privacy Notice

This notice may change from time to time, and any changes will be posted on our site and will be effective when posted. Please review this notice each time you use our site or our services.

14. How Can You Contact Us?

You can contact us:

By phone: + 353 (0) 57 9300007
On our website contact form: www.qual-e-pass.com/contact-us
Or by email: team@qualepass.com

This notice was last updated on 4th December 2019.