Security and governance

Is Simana a Data Controller or Data Processor?

Simana is a Data Controller as we determine the purposes and means of processing the personal data.

As per the guidance issued by the Information Commissioner’s Office, Seedata (the company behind the Simana product) is deemed to be the Data Controller of the processing activities associated with the provision of the Simana Services. This has been concluded on the basis that Seedata has determined the purposes and means of processing the personal data, and holds a direct relationship with the data subject. Specifically:

Seedata determines what personal data to collect (the fields associated with a user account)
Seedata determines the purpose of the processing (how the data is used for account creation, security monitoring, and use of the service)
Seedata has a direct contractual relationship with the users (data subjects), as per the User Terms of Use that each user agrees to when creating their user account.

It has further been determined that Seedata is not a joint controller with the Customer. The rationale for this determination is outlined below:

ICO guidance statement	Application to Seedata and Customer
We have a common objective with others regarding the processing	The objectives of the parties are different as the Customer uses the Services in order run and track improvements and Seedata’s roll is purely in the provision of the platform.
We are processing the personal data for the same purpose as another controller	Seedata processes the personal data in order to provide the Services, whereas the Customer processes the information a) by virtue of being the employees’ employer and b) in order to invite staff to use the Services.
We are using the same set of personal data (e.g. one database) for this processing as another controller	Seedata and the Customer to do not share a database and have distinct systems which operate independently of one and other.
We have designed this process with another controller	Simana has not been designed with the Customer as it is an independent product designed and managed by Seedata.
We have common information management rules with another controller	The privacy statement states how Seedata manages the Services and the personal data collected from individuals in order to provide the Services.

Key Features & Tools

Charting

Process Maps

PDSA / PDCA

Idea Management

Driver Diagrams

Fishbone

Root Cause Analysis

Checklists & Tasks

All-in-one Improvement Platform

Improvement Tools

Project Management

Collaboration

Workflows

Dashboards

Identify Opportunities

Deliver Improvements

Track Impact

Webinars

Guides & eBooks

Blog

Getting Started

Demos

Help Center

Improvement Hub

Media Kit

Latest From the Blog

Is Simana a Data Controller or Data Processor?

Accelerate your improvement

Product

Features

Solutions

Resources

About Us