GDPR
Our Commitment to Protecting Your Data
At Evniverse LMS, we take our ethical, legal, and professional responsibility seriously when it comes to safeguarding the information we hold. We adhere to the principles of confidentiality, integrity, privacy, and availability. This means that we ensure that the information we are entrusted with is protected against unauthorized disclosure, is accurate, timely, can be attributed to the appropriate sources, and is accessible to authorized individuals.
To uphold privacy and security standards, Evniverse LMS adheres to relevant national laws and international regulations. We have successfully completed an internal GDPR compliance program, ensuring that we were fully compliant with the General Data Protection Regulation prior to its enforcement on May 25, 2018.
GDPR Compliance
Evniverse LMS has diligently worked to ensure full compliance with the updated requirements of the General Data Protection Regulation (GDPR). We have implemented various measures to achieve this goal, including:
- Continued investment in our security infrastructure, technical measures, and organizational practices.
- Establishing appropriate contractual terms to ensure compliance with GDPR requirements.
- Incorporating confidentiality terms in the contracts of our personnel involved in the processing of personal data.
- Facilitating easy access to our dedicated Evniverse LMS data privacy personnel through email privacy@evnisoft.com. This enables users to ask questions, file complaints, or exercise their rights regarding their personal data.
- Enhancing our policies, controls, and product offerings. We have developed new tools and features to support our customers in exercising their rights related to data portability and data management.
- Providing comprehensive information about the Evniverse LMS service through our Privacy Policy and Terms and Conditions.
- In the unlikely event of a data breach, we have established a policy and plan to promptly notify the supervisory authorities and affected data subjects within 72 hours.
By implementing these measures, Evniverse LMS aims to ensure compliance with GDPR regulations and uphold the highest standards of data protection and privacy.
Supporting Evniverse LMS Customers’ Enhanced Data Subject Rights
In the following section, we will explain how Evniverse LMS assists our customers in supporting the enhanced rights of their end users. We prioritize the rights of our Evniverse LMS customers as data subjects. Regardless of their location or nationality, we are committed to supporting the new and enhanced data subject rights introduced by GDPR.
- Right to Access: Our Privacy Policy provides a comprehensive overview of the data we collect and how it is used. If you have specific inquiries about certain data, you can contact us at privacy@evnisoft.com for clarification or to obtain the information you need. We aim to provide this information promptly and free of charge, typically well before the GDPR-mandated timeframe of one month.
- Right to Rectification: You can access and update your Evniverse LMS account settings at any time to correct or complete your account information.
- Right to Erasure: You have the right to terminate your Evniverse LMS account whenever you choose. In such cases, we will permanently delete your account and all associated data in accordance with the Evniverse LMS data retention policy. Please note that account data is retained for 12 months after cancellation to facilitate the smooth reconnection of services. Inactive domains that remain inactive for 12 months or more are automatically deleted by the system. If you wish to have your data deleted immediately upon account cancellation, please contact us at privacy@evnisoft.com. We will ensure permanent deletion within a maximum of thirty days.
- Restriction of Processing: Evniverse LMS facilitates the right to request the restriction of processing by allowing administrators to mark specific users as “Inactive.” Additionally, large sets of users can be designated as “Inactive” through the mass action of selecting and applying the “Make active/inactive” feature.
- Right of Data Portability: You have the freedom to export your data from the administration panel of the Evniverse LMS application. If you require your account data to be exported to a third party, please send your request to privacy@evnisoft.com, and we will be happy to assist you.
Supporting Evniverse LMS End Users’ Enhanced Data Subject Rights
We recognize the importance of assisting Evniverse LMS end users in complying with GDPR regulations. We are proud to announce that we have developed tools and features to ensure full compliance with GDPR requirements, specifically in supporting the enhanced data subject rights for end users within Evniverse LMS domains created and managed by our customers.
Right to Access: The data collected for each Evniverse LMS end user is detailed in our Privacy Policy. Domain administrators can also gather additional data about end users through custom fields specified for their domain. All collected data is displayed on the user’s profile page, and their activity within the system can be tracked through the extended timeline of the LMS. If end users have specific inquiries regarding their data that cannot be answered by the domain administrator, they can contact us at privacy@evnisoft.com to obtain the necessary clarification or information. We strive to provide this information promptly and free of charge, typically well before the GDPR-mandated one-month deadline for response.
Right to Rectification: End users can access and update their Evniverse LMS account information, ensuring accuracy and completeness. Additionally, end users can reach out to their domain administrator or even Evniverse LMS directly if they encounter any issues or require assistance in accessing, correcting, amending, or deleting their information.
Right to Erasure: Evniverse LMS provides robust end-user management capabilities, allowing administrators to render a user inactive or permanently delete them from the system.
Evniverse LMS enables mass deletion of users based on various criteria, such as inactivity or a specified period without login. This rule-based approach to the right to be forgotten is particularly useful for managing many users. Administrators can create a custom report and then perform a mass action to delete users from the generated list.
Restriction of Processing: Evniverse LMS supports the right to restrict processing by allowing administrators to render individual users “Inactive.”
Right to Object: If an end user expresses their objection to processing for e-learning, it will be addressed according to the guidelines outlined in the “Right to Erasure” section. If an end-user objects to receiving email notifications from Evniverse LMS, they can contact their domain administrator. The domain administrator can then exclude the respective user(s) from receiving email notifications by following the steps provided in the instructions.
Right of Data Portability: Evniverse LMS supports data portability through the application’s export function. User progress can also be exported using the custom reports feature of Evniverse LMS.
Consent: Evniverse LMS enables customers to explicitly request and record users’ consent for using the service. Domain administrators can set a custom “Terms of Service” page through the “General” tab of the Settings administration page. Acceptance of this page is necessary to proceed to the LMS, providing a convenient way to obtain consent through Evniverse LMS. Consent acceptance is logged by Evniverse LMS and can be viewed in the extended timeline of the application for reporting or compliance purposes.
No automated individual decision-making: Evniverse LMS fully respects users’ right not to be subject to decisions based solely on automated processing, including profiling, that have legal effects or similarly significant impacts on them.
Stay Informed
We prioritize upholding our privacy and data security commitments. We are here to assist you in preparing for the changes introduced by GDPR. If you have any inquiries about how Evniverse LMS can support your compliance efforts or if you have any concerns regarding privacy, please don’t hesitate to contact us at privacy@evnisoft.com.