Your personal data is accessed in the Tool by the following persons/teams:
For the purpose of supporting the Tool and its back-end systems, support personnel with administrative or elevated rights from Spica Technologies (UK based) and ISS will have access to your personal data.
Since most of the functionality in the Tool is to provide assisted availability to existing EY and ISS systems, data collected or provided in the Tool will flow to such systems and can be seen by the administrators and elevated users of these system as given below:
- Meeting Rooms booked through the Tool will be available to users with the appropriate rights to the EY’s room booking system called Enterprise Reservation System (ERS);
- Meal ordering through the Tool will be available in the ISS Symphony catering system, so the ISS catering staff can prepare those meals;
- Facility service requests raised via the Tool will be available in ISS TRIRIGA CAFM system and can be seen by ISS facility service staff providing service in EY offices so that they can respond to those tickets.
The access rights detailed above involves transferring personal data in various jurisdictions (including jurisdictions outside the European Union) in which EY operates. An overview of EY network entities providing services to external clients is accessible (See Section 1 (About EY) - “View a list of EY member firms and affiliates”). EY will process your personal data in the Tool in accordance with applicable law and professional regulations in your jurisdiction. Transfers of personal data within the EY network are governed by EY’s Binding Corporate Rules.
We transfer or disclose the personal data we collect to third-party service providers (and their subsidiaries and affiliates) who are engaged by us to support our internal ancillary processes. For example, we engage service providers to provide, run and support our IT infrastructure (such as identity management, hosting, data analysis, back-up, security and cloud storage services) and for the storage and secure disposal of our hard copy files. It is our policy to only use third-party service providers that are bound to maintain appropriate levels of data protection, security and confidentiality, and that comply with any applicable legal requirements for transferring personal data outside the jurisdiction in which it was originally collected.