MaintenanceTV Ltd provides a platform (called Mtv for short) for technical information management. We operate this platform for the benefit of User Companies, that is, organisations and businesses who wish to use the platform for their employees and other stakeholders. The Mtv platform includes functionality that provides for users to collect information in the field (inspections, checklists, inventory, etc.) or contribute their know-how (observations, on-the-job, practical solutions to problems and processes). Thus Mtv offers life-cycle management for information: creation, sharing, improving, communication, discarding & superseding…
Privacy therefore pertains to those contributors of information (the employees and other stakeholders of the User Company).
This document lays out the ways the information is protected and the ways in which we protect the privacy of the various stakeholders mentioned above and the information itself.
1.1 Terms used in this document
For terms specific to Mtv here is a summary:
|Refers to the company or its affiliates, MaintenanceTV France
|Is used to describe the software used by Customers
|User Company / Customer
|The company or organisation that contracts with MaintenanceTV for the use of the software for their employees and other stakeholders
|The account, including the logon credentials that the User Company allocates to individual users of the Mtv platform…
|The employees or other stakeholders who will use the Mtv platform
|Any person authorised by the User Company to use the Mtv platform, including employees, suppliers and other people or businesses related to the User Company
|The Mtv software, the cloud infrastructure, the apps for the various devices
|The IT infrastructure on which Mtv operates, includes servers, database and other computer resources…
|The External Secure Cloud provider – companies such as AWS (Amazon Web Services), Azure (Microsoft Cloud Services), Google Cloud, IBM Cloud etc.
1.2 Mtv’s subsidiary role in Privacy
Mtv acts as a vendor and enabler in the privacy area. We sell or rent our services to a User Company most often by hosting our platform on the public secure cloud services of recognized vendors (such as Amazon, Microsoft, Google, IBM, etc.). There are therefore two other main principals involved in the protection of privacy: the cloud service vendors and the User Company who buys or rents our services.
Example of restricted responsibility of Mtv on cloud services: the cloud service vendor selected to host the Mtv platform for the User Company will be a major player in the industry and thus have highly sophisticated information security measures to protect data. These measures are not accessible by Mtv and Mtv has no control over their viability. Mtv cannot thus be held responsible for any eventual failure of such protection systems and confidential information being hacked.
1.3 What this policy document explains
Thus the present document covers the following topics:
- What information is collected in Mtv
- How the information is used and protected
- The choices offered including how to access and update information
If there is any doubt or further clarification needed please contact us directly or the Administrator of your system.
2. The Information collected
Here is a summary of information we collect:
|Is the information mandatory?
|Visibility decided by:
|Yes, but an alias can be used
|No – it is decided by the Customer
|Identity of contributors
|No. An alias can be used
|Assessments by managers of contributions (that may vary from good to poor)
|No, at the discretion of the Customer
|Device information – the operating system & version, hardware model, unique device identifiers
|Yes – for version delivery, upgrade notifications and support
Details of how you use the platform and its content
|Yes – for reasons of profiling needs and use of the platform
|No, at the discretion of the Customer. When enabled it may be used to log times allocated for the various jobs, time actually worked, times related to the job, travel time, rest or meal breaks, overtime…
|Geolocation – via GPS signals, sensor data
|No, at the discretion of the Customer. It may be enabled for reasons of safety, timestamps/timesheets
3. How we use information collected
We use the information collected for the functioning of the system and to fulfil the requirements of the User Company. These include:
- To encourage the contributions of know-how, team-working and collaboration in building best practices and “how-to” guides for assets and processes
- To bring to the attention of others your contributions and promote the use of such contributions and to encourage constructive criticisms and thus enhancements to your contributions
- Internal & service related purposes, such as to provide, maintain, protect, improve, and personalise our services, to develop new ones and to protect the rights, property, or safety of Mtv and our users
- To communicate with your and bring to your attention Mtv documents (forms, safety warnings, checklists, work orders, documentation, best practices…) that you are required to execute or that may be of interest to you
- To monitor and analyse trends, usage and activities in connection with the services provided by the Mtv platform
- To investigate and prevent fraudulent transactions, unauthorised access to or use of Mtv services, and other illegal or unusual activities
- To improve your user experience and overall quality of our services
3.1 Retention of Personal data
We will retain your personal data for the time necessary to perform the services your User Company. Depending on the policy of your User Company or the law of your country we are required to keep the information for certain periods of time. That may happen in the case, for example of the need to issue or resolve legal claims and/or record keeping of your User Company.
When we no longer require your information we will ensure that it is destroyed or de-identified.
3.2 Disclosure of personal information
Your User Company will normally provide a “closed” system that is not accessible to Search engines or outside access. Below we describe the ways we keep you and your information private.
3.3 Protection of your privacy - encryption and data protection
We have put in place robust measures regarding the security of the information we collect and store about you (including through the use of network and database security measures) and will use our reasonable endeavours to protect your personal data from unauthorised access to or unauthorised alteration, disclosure or destruction.
Mtv uses encryption technologies at all levels of the application stack:
At the database level:
- The user passwords are encrypted
- At the option of the Customer, the encryption can be extended to the full database so a would-be attacker is blocked from extracting sensitive information directly from the file system’s data files (the table space files)
- The connection between the database and the middle tier goes through a dedicated channel that may also be encrypted if required by the network topology.
Data transfer encryption:
- Data transfer between the client and the server is permanently encrypted and cannot be disabled by the end-user
- The same applies to all external connections like multimedia encoding service providers, CMMS or other systems.
Device or mobiles encryption:
The encryption is provided by the operating system:
- The iOS devices systematically encrypt the full storage
- The same option is available to the Android systems and can be enforced according to Customer policies.
- A password is required to access data in the mobile device’s database so the information is secured in the event a device is lost, stolen, or an attempt is made to access the device by an unauthorized third party.
- All data entered by the user are encrypted before being committed to persistent storage.
- To enforce further the effectiveness of the encryption, the mobile application is configured in such a way that the backup of the cached data (on a local computer or cloud) is disabled. Thus, even if a user wants to make a full copy of the device, such a backup will not include the locally cached database.
Other aspects of information protection
There are other ways to protect information:
- Read/write rights mentioned above, as well as the limitations on downloads per category of information, also mentioned above
- WMD – or what is termed the weapon of mass destruction that allows an administrator to wipe clean a remote device
4. The changes you can make to your own information
The User Company to which you belong will decide limitations and access to the data. Mtv provides ways for you to:
- Edit your photo, personal information, email etc.
- Credentials, qualifications and competencies...
The Mtv platform makes it possible for users to operate anonymously but that function may not be acceptable to the User Company. Normally, on a single User Company database the member users have the ability to consult your contributions, your name, email and other details such as qualifications and your current contributions. Other details such as pay rates, holiday time are not normally recorded in Mtv but if so they are fully protected.
5.1 Restrictions in the use of your information
The User Company to which you belong may provide ways for you to restrict the use of your personal information within the User Company. Mtv makes such tools available, such as Entities, Categories, Access rights and other services.
5.2 Access, Correction & Complaints
Access: You may request details of the personal information that we hold about you. An administrative fee may be payable for the provision of such information.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.
Complaints: If you believe that any of these Privacy Principles have been breached and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint.
If you have any enquiries or if you would like to contact us about our processing of your personal information, please contact us as indicated below.
MaintenanceTV Ltd is a company incorporated under English law with the company number 8153752. It is the parent company of MaintenanceTV France - Siret No: 791624125 00039. All privacy matters are executed either in or out of the Montpellier office:
Address: MaintenanceTV France, 672, rue du Mas de Verchant - CS37777 F-34967 Montpellier Cedex 02, Tel +33 (0)434 88 34 66
Data protection & Privacy Officer: Mr Adrian Nica