Privacy Policy – Coeus Software Ltd

What is your Privacy Policy?

We need to review your Privacy Policy, could you provide it please?

Introduction

We take the privacy of data very seriously and have a comprehensive set of policies in place.  the following sets out our Privacy Policy which explains what happens to your data, depending on how you interact with us.  We also explain some of the terms which govern the use of the Apps and Services which form part of our platforms.

Who are We?

We are Coeus Software Ltd (Coeus, We, Our, Us), the developers and promoters of intelligent mobile solutions, designed to provide scalable and highly configurable frontline digital mobility platforms for use by the Police and other organisations which operate in regulated environments. 

We trade under the following product brands:

PoliceBox
Quvo
CheckPlate

We are registered in England & Wales, with company number 05830505, at: 

Boho One,
Bridge Street West,
Middlesbrough.  TS2 1AE.
United Kingdom.

License Terms

Your use of our platforms is subject to the following terms, including those which relate to privacy and data protection.

Device Ownership

You agree to only download or stream the platform’s App (e.g. PoliceBox / Quvo / CheckPlate) on devices as authorised and designated by your organisation. Your organisation will hold a valid subscription to the platform.

If you download or stream the App onto any phone or other device not owned by you, you must have the owner’s permission to do so. You will be responsible for complying with these terms, whether you own the
phone or other device.

License Restrictions

You agree that you will:

not rent, lease, sub-license, loan, provide, or otherwise make available, the App or the Services in
any form, in whole or in part to any person without prior written consent from us;

not copy the App, Documentation or Services or any part of the platform;
not translate, merge, adapt, vary, alter or modify, the whole or any part of the App, Documentation or
Services nor permit the App or the Services or any part of them to be combined with, or become
incorporated in, any other programs, except as necessary to use the App and the Services on devices
as permitted in these terms;
not disassemble, de-compile, reverse engineer or create derivative works based on the whole or any
part of the App or the Services nor attempt to do any such things, except to the extent that (by virtue
of sections 50B and 296A of the Copyright, Designs and Patents Act 1988) such actions cannot be
prohibited because they are necessary to decompile the App to obtain the information necessary to
create an independent program that can be operated with the App or with another program (Permitted
Objective), and provided that the information obtained by you during such activities:
is not disclosed or communicated without the Licensor’s prior written consent to any third party to whom it is not necessary to disclose or communicate it to achieve the Permitted Objective; and
is not used to create any software that is substantially similar in its expression to the App;

is kept secure; and
is used only for the Permitted Objective(s) as set out by your organisation;
comply with all applicable technology control or export laws and regulations that apply to the
technology used or supported by the App or any Service.

Acceptable Use Restrictions

You must:

not use the App or any Service (or any part of the platform) in any unlawful manner, for any unlawful purpose, or in any manner inconsistent with these terms, or act fraudulently or maliciously, for example, by hacking into or inserting malicious code, such as viruses, or harmful data, into the App, any Service or any operating system;
not infringe our intellectual property rights or those of any third party in relation to your use of the App
or any Service, including by the submission of any material (to the extent that such use is not licensed
by these terms);
save for in the course of the normal use of the App, not transmit any material that is defamatory,
offensive or otherwise objectionable in relation to your use of the App or any Service;
not use the App or any Service in a way that could damage, disable, overburden, impair or
compromise our systems or security or interfere with other users; and
not collect or harvest any information or data from any Service or our systems or attempt to decipher
any transmissions to or from the servers running any Service

Intellectual Property Rights

All intellectual property rights in the App, the Documentation and the Services (or any part of the platform) throughout the world belong to us and the rights in the App and the Services are licensed (not sold) to you. You have no intellectual property rights in, or to, the App, the Documentation, or the Services, other than the right to use them in  accordance with these terms.

Termination

IMPORTANT: WE MAY END YOUR RIGHTS TO USE THE APP AND THE SERVICES IF YOU BREAK THESE TERMS

We may end your rights to use the App and Services at any time by contacting you if you have broken these terms in a serious way. If what you have done can be put right, We will give you a reasonable opportunity to do so.  If We end your rights to use the App and Services:

You must stop all activities authorised by these terms, including your use of the App and any Services.
You must delete or remove the App from all devices in your possession and immediately destroy all copies of the App which you have and confirm to us that you have done this.
We may remotely access your devices and remove the App from them and cease providing you with
access to the Services

Privacy

It is possible for you to interact with us, in one or more of the following ways:

Category A

This category of information relates to information We hold for the purposes of running our business

An employee of Coeus Software Ltd
A Partner or member of the supply chain
For marketing purposes, or within the context of our Sales pipeline,

As a Customer’s member of staff, with whom, We will provide support or professional services

For this category, We will collect and hold information which is specific to the relationship We hold with you:

Name,  Contact Details
Business relationship details (e.g. Employee History/Information,  Partner product literature, or Customer details including contracts or other important information)
Project or Service information (e.g. Ongoing project information,  Service Tickets, Change information)

We may associate any category of information with any other category of information, as long as this use is justified, and will treat the combined information as personal data in accordance with this policy for as long as it is combined.

We will dispose of Information We hold when it is no longer necessary or appropriate for it to be retained by us.

We will never disclose information about identifiable individuals to third parties unless We are under a legal or regulatory duty to disclose it. 

We may aggregate and anonymise (the anonymised data) such information for use as We see fit.

We may associate any category of information with any other category of information and will treat the
combined information as personal data in accordance with this policy for as long as it is combined.

Category B

It is also possible for your information to be acquired and managed by one of our Customers, due to their use of the platforms We have supplied to them.  This includes:

Authorised Users of the Customer’s organisation
Persons who interact with the Customer as part of the Customer’s line of busines

For this category, We implement technical controls, including the use of encryption so that it is not possible for Coeus (including its employees and its supply chain) to view or manage this information.  

Further, our platforms are highly scalable. A Customer chooses and has full control over which information it will collect or manage in its use of the platforms We have supplied to them.  A Customer must ensure that its use of the platforms (We have supplied) remain proportionate and lawful.

For this category, there is an App, which is securely deployed by the Customer to devices of its Authorised Users .  The following information is collected via the App.

Task Data  -  This is the information (data) the User submits into the platform via the App.  This information is likely to include a mixture of personal data (names, addresses, date of birth, etc).  Where the platform is being used by a Police service, it is likely to also include additional personal data (criminal records and offences relating to a person).   Any such Task (and its contents) are configured and fully controlled by the Customer.
User Device - The platform ensures that the device is known (on-boarded) using an automated mechanism when the User login occurs.  The User device information helps to ensure that data held at rest is fully encrypted and is not susceptible to exfiltration to another device for decryption.   This information includes the type of device in use, the unique device identifier (e.g. IMEI) mobile network information and time zone setting.
App Data - Information specific to the behaviour of the App on the User’s device.  This includes user license details (for feature switches) as Well as system logs for diagnostic purposes.

Location Data - The App may also use, and submit into the platform, GPS or GLONASS data to determine the User’s current location to help integrate with central Computer Aided Despatch (CAD) systems.  With privacy by design, location data is only submitted in certain conditions (e.g. booked-on/on-duty).

We use the information in the following ways:

To provide the Services as outlined in the Master Agreement, and these terms, to our Customer.
To monitor the use of the App and the Service, and to improve performance of the App and the Service

Each piece of information remains within the platform for use by the Customer, for only as long as is necessary to process the data.  The Customer has full control in relation to data retention in its use of the plaforms.

The Customer may choose to associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.   The Customer may choose to disclose the information it collects in its use of the platforms for its own justified purposes.

For this category of data, We will never disclose information about identifiable individuals to third parties. Where We receive disclosure requests, We will liaise with the Customer who will be the primary respondent.

We have applied encryption to this data while it is held in our platforms so that it remains protected in the face of unauthorised disclosure or seizure.

Where We store the Data

We store data in different places dependent on the category of information.  For Category A information, the information is held on various SaaS platforms, which meet a stated business requirement. Details of the Sub Processors We use are provided below.  A mix of EU and US based data centres are involved in the delivery of those SaaS platforms to Coeus.

For Category B information, We use in-country data centres of our Cloud services partners (e.g. Microsoft Azure) to host our platforms.   By way of example, Customers in the United Kingdom can excpect that their use of the platform will operate within UK domicile data centres.

Secure Transmission

Unfortunately, the transmission of information via the internet is not completely secure. Although We will do
our best to protect any data in transit, We cannot guarantee the security of the data transmitted;
any transmission is at the user’s own risk.

In all circumstances We use HTTPS TLS 1.2 for secured transmission.  For Category B information, each payload is further protected (application level) using encryption.

Cookies

For details about what Cookies We employ, where, and how, please take a look at our Cookie Policy.

Sub Processors

To help us deliver the best possible service and features, We make use of carefully selected third parties to store and process information.   To see our current list of sub processors, please click here.

Subject Access & Erasure

If you want to know if anything “about You” is held in platforms that We have developed, but are in use by one of our Customers, you will need to reach out to those organisations for SARs and SERs.  We cannot see the data in those platforms due to security technologies we have built to protect the integrity of the information  assets belonging to our Customers.

If you think that We may hold information “about You”, and it is in one of our business systems, please get in touch with our Service Desk.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.